FW: [PLUG] Microsoft to kill popular Linux antivirus product (fwd)

Wil Cooley wcooley at nakedape.cc
Thu Jun 12 11:06:01 UTC 2003


On Thu, 2003-06-12 at 10:58, cooper at cooper.stevenson.name wrote:

> Also, please keep this in perspective. Here's what a user would have to do
> on a "normal" Linux system to run malicious code from a Linux email
> client:

You're thinking about the /obvious/ way you would download and run an
executable e-mail attachment.  Even the Lookout exploits don't usually
use /obvious/ means--they exploit bugs in handling of multi-part
boundaries and such.

1. Use an exploit in MUA code; e.g. MIME handling or something.
2. Inject malicious code.

It's certainly not as easy as having Lookout automatically open the
malicious file, but it's entirely conceivable.

Wil
-- 
Wil Cooley                                 wcooley at nakedape.cc
Naked Ape Consulting                        http://nakedape.cc
* * * * Linux, UNIX, Networking and Security Solutions * * * *
*     Tired of spam and viruses in your e-mail?  Get the     *
* Naked Ape Mail Defender! http://nakedape.cc/r/maildefender *

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20030612/a1413f7e/attachment.asc>


More information about the PLUG mailing list